Add SRI for static assets
Will extract out into a library someday
parent
15c25e5cdb
commit
2d7dea438f
3 changed files with 59 additions and 4 deletions
|
@ -1,4 +1,5 @@
|
|||
{% load static %}
|
||||
{% load sri %}
|
||||
|
||||
<!DOCTYPE HTML>
|
||||
<html lang="en" dir="ltr">
|
||||
|
@ -13,8 +14,10 @@
|
|||
<link rel="icon" type="image/png" href='{% static "img/logo-transparent.png" %}'/>
|
||||
|
||||
<title>{% block title %}{% endblock %} :: TheOrangeOne</title>
|
||||
<link rel="stylesheet" href="{% static 'css/font-awesome.min.css' %}" />
|
||||
<link rel="stylesheet" href="{% static 'css/index.css' %}" />
|
||||
|
||||
{% sri_css "css/font-awesome.min.css" %}
|
||||
{% sri_css "css/index.css" %}
|
||||
|
||||
</head>
|
||||
<body class="{{ view_name }}">
|
||||
<header id="top">
|
||||
|
@ -47,8 +50,9 @@
|
|||
</footer>
|
||||
{% endblock %}
|
||||
|
||||
<script type="text/javascript" src="{% static 'js/materialize.min.js' %}"></script>
|
||||
<script type="text/javascript" src="{% static 'js/index.js' %}"></script>
|
||||
|
||||
{% sri_js "js/materialize.min.js" %}
|
||||
{% sri_js "js/index.js" %}
|
||||
|
||||
{% block extrascripts %}{% endblock %}
|
||||
</body>
|
||||
|
|
0
website/common/templatetags/__init__.py
Normal file
0
website/common/templatetags/__init__.py
Normal file
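--- a/website/common/templatetags/sri.py
+++ b/website/common/templatetags/sri.py
@@ -0,0 +1,51 @@
+# Based off https://github.com/claudep/django/commit/89aa4c04dbffcbafc05c3e2053b2262be8de4d3d
+
+import base64
+import hashlib
+import os
+from functools import lru_cache
+
+from django import template
+from django.conf import settings
+from django.templatetags.static import static
+from django.utils.safestring import mark_safe
+
+register = template.Library()
+
+
+@lru_cache
+def generate_sha256(path):
+with open(path, "r") as f:
+body = f.read()
+digest = hashlib.sha256(body.encode()).digest()
+sha = base64.b64encode(digest).decode()
+return "sha256-{}".format(sha)
+
+
+def attrs_to_str(attrs):
+return " ".join('{}="{}"'.format(k, v) for k, v in attrs.items())
+
+
+@register.simple_tag
+def sri_js(url):
+path = os.path.join(settings.STATIC_ROOT, url)
+attrs = {
+"href": static(url),
+"type": "text/javascript",
+"integrity": generate_sha256(path),
+"crossorigin": "anonymous",
+}
+return mark_safe(f"<script {attrs_to_str(attrs)}></script>")
+
+
+@register.simple_tag
+def sri_css(url):
+path = os.path.join(settings.STATIC_ROOT, url)
+attrs = {
+"href": static(url),
+"type": "text/css",
+"rel": "stylesheet",
+"integrity": generate_sha256(path),
+"crossorigin": "anonymous",
+}
+return mark_safe(f"<link {attrs_to_str(attrs)}/>")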
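Review bot: `sri_js` emits `<script href="...">`, which browsers ignore, so with the plain `<script src=...>` tags removed from the template the two scripts would not load at all; the attribute should be `"src": static(url)`. `generate_sha256` reads the file in text mode and re-encodes it, so newline translation or a non-UTF-8 default encoding can make the digest differ from the bytes actually served, and the browser then refuses the asset; hash the raw bytes instead with `with open(path, "rb") as f:` and `hashlib.sha256(f.read()).digest()`. The digest is computed from the copy under `STATIC_ROOT` while the URL comes from `static()`, so this presumably assumes `collectstatic` has run and that the storage backend serves that file unmodified, and `lru_cache` keeps the first digest until the process restarts; both are worth a comment on `generate_sha256`. `attrs_to_str` interpolates values unescaped before `mark_safe`, which is fine for the literal paths used here but should go through `format_html_join` or `conditional_escape` if a non-literal URL is ever passed.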